1. Academic/professional training to at least a Bachelors Degree or its international equivalent, preferably in Computer Science, or Computer Engineering (Mandatory);2. At least 5 years of practice as an Information Security Engineer (Mandatory);3. At least 1 year of hands on testing of application security (Mandatory);4. Demonstrated knowledge of running web application testing tools (e.g., Cenzic Hailstorm /HP Web Inspect), identifying vulnerabilities as per SANS 25 or OWASP Top 10 specifications and helping develop platform specific remediation plan (Mandatory);5. Proven level of understanding of web application technologies (Java, .NET, Drupal) and database management systems (Oracle, MS SQL, etc.) and related security concepts (Mandatory);6. In-depth knowledge of common website vulnerabilities such as SQL injection, cross-site scripting, remote/local file inclusion, etc.; in-depth knowledge of common website exploit techniques such as character encoding, privilege escalation, directory traversal, etc. (Mandatory);Ability to work well under pressure and to meet tight deadlines. Demonstrates a high level of motivation, confidence, integrity and responsibility (Mandatory);7. Ability to be organized, responsive and to be able to effectively multi-task with a focus on driving results (Mandatory);8. Demonstrate excellent interpersonal skills; including the ability to work independently, effectively in a team/task force as a team member or leader, and with senior staff and managers (Mandatory);9. Ability to collaborate with business stakeholders to identify requirements and drive compliance with approved standards (Mandatory).